github-actions[bot]
commented
1 year ago This issue is stale because it has been open for 60 days with no activity. Remove stale label or comment to re-open.
Closed JeS24 closed 6 months ago
github-actions[bot]
commented
1 year ago This issue is stale because it has been open for 60 days with no activity. Remove stale label or comment to re-open.
github-actions[bot]
commented
11 months ago This issue is stale because it has been open for 60 days with no activity. Remove stale label or comment to re-open.
github-actions[bot]
commented
9 months ago This issue is stale because it has been open for 60 days with no activity. Remove stale label or comment to re-open.
github-actions[bot]
commented
7 months ago This issue is stale because it has been open for 60 days with no activity. Remove stale label or comment to re-open.
JeS24
commented
6 months ago Fixed via #44.
Feature request / Suggestion
We are currently using Sign in with Google, which adds a Google-controlled button to the Tirtha website, along with a handful of their scripts to allow people to authenticate on Tirtha. However, those scripts send periodic logging requests to google servers. The same is true for most other identity providers (IdPs) like Google. Since we want the experience on the website to be frictionless, we have to support the more popular IdPs, including Google, but we can try and minimize the amount of logging they do. This issue will track alternatives and options to tackle this issue.
Possible implementation
An option is to use FOSS authentication middleware, such as
authlib, which also uses the OpenID Connect Protocol (OIDC), but without any tracking. We can perhaps explore this. Prima facie, this should weed out continuous (periodic) tracking requests, even if Google or other IdPs will still be able to know what service a person is logging in to.Self-check